f1f24f38743a482e667c87d8830fade78b943d87656f30d778fe7c18858d79d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2823c84e807b3e35d69f28900cc9dc64_JaffaCakes118
Size

100KB
Sample

240706-l1m5lsvfjp
MD5

2823c84e807b3e35d69f28900cc9dc64
SHA1

6d90602047b3dcb0085a6855e892ed963adaf47b
SHA256

f1f24f38743a482e667c87d8830fade78b943d87656f30d778fe7c18858d79d8
SHA512

8e0718e120c4a7539c5b6a884f9f715f24ab9436db76347237e6e98003e48697a09f28bf707a876fb4f837b1be49276cd5cdfb3a12977b42820507b853a0604c
SSDEEP

3072:z1ye+dpi2wPnIjnGxtWMFfUn/hsfBQijC/2ceanj7EYZp0/Y:z10SPncGx8A8/hsAOcearcg

Score

7^/10

Malware Config

Targets

- Target
  
  2823c84e807b3e35d69f28900cc9dc64_JaffaCakes118
- Size
  
  100KB
- MD5
  
  2823c84e807b3e35d69f28900cc9dc64
- SHA1
  
  6d90602047b3dcb0085a6855e892ed963adaf47b
- SHA256
  
  f1f24f38743a482e667c87d8830fade78b943d87656f30d778fe7c18858d79d8
- SHA512
  
  8e0718e120c4a7539c5b6a884f9f715f24ab9436db76347237e6e98003e48697a09f28bf707a876fb4f837b1be49276cd5cdfb3a12977b42820507b853a0604c
- SSDEEP
  
  3072:z1ye+dpi2wPnIjnGxtWMFfUn/hsfBQijC/2ceanj7EYZp0/Y:z10SPncGx8A8/hsAOcearcg
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2